<?php
session_start();
require_once 'db/config.php';

if (!isset($_SESSION['user']) || $_SESSION['user'] !== 'admin') {
    header('Location: login.php');
    exit;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['id'])) {
    $id = $_POST['id'];
    $pdo = db();
    $stmt = $pdo->prepare("DELETE FROM attendees WHERE id = ?");
    
    if ($stmt->execute([$id])) {
        if ($stmt->rowCount() > 0) {
            $_SESSION['message'] = "Attendee with ID $id has been deleted successfully.";
        } else {
            $_SESSION['message'] = "Error: No attendee found with ID $id. Nothing was deleted.";
        }
    } else {
        $_SESSION['message'] = "Error: Could not execute the delete statement.";
    }
} else {
    $_SESSION['message'] = "Error: Invalid request.";
}

header('Location: admin.php');
exit;